From owner-freebsd-security@FreeBSD.ORG  Thu Sep 25 12:01:50 2003
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2910616A4B3
	for <freebsd-security@freebsd.org>;
	Thu, 25 Sep 2003 12:01:50 -0700 (PDT)
Received: from avocet.mail.pas.earthlink.net (avocet.mail.pas.earthlink.net
	[207.217.120.50])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 3BC4743FBF
	for <freebsd-security@freebsd.org>;
	Thu, 25 Sep 2003 12:01:49 -0700 (PDT)
	(envelope-from vjones62@earthlink.net)
Received: from huey.psp.pas.earthlink.net ([207.217.78.220])
	by avocet.mail.pas.earthlink.net with esmtp (Exim 3.33 #1)
	id 1A2bN6-0003Ga-00
	for freebsd-security@freebsd.org; Thu, 25 Sep 2003 12:01:48 -0700
Message-ID: <30098393.1064516508386.JavaMail.root@huey.psp.pas.earthlink.net>
Date: Thu, 25 Sep 2003 15:01:47 -0400 (GMT-04:00)
From: "V. Jones" <vjones62@earthlink.net>
To: freebsd-security@freebsd.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Mailer: Earthlink Zoo Mail 1.0
Subject: FreeBSD Patch question
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: "V. Jones" <vjones62@earthlink.net>
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Sep 2003 19:01:50 -0000

I administer a remote server and want to apply some of the security patches.  (I assume this is the best way to go since I can't go into single-user mode to use CVsup).

I have a couple of questions.  First, I have installed one of the pgp ports to verify the patches.  When I run it, I get this message:

> File 'buffer46.patch.asc' has signature, but with no text.
> Text is assumed to be in file 'buffer46.patch'.
> signature not checked.
>  Signature made 2003/09/17 18:02 GMT
>  key does not meet validity threshold.
 
> WARNING:  Because this public key is not certified with a trusted
> signature, it is not known with high confidence that this public key
> actually belongs to: "(KeyID: 0xCA6CDFB2)".

I guess that I need to do some additional set up to get pgp to validate this file.  Can anyone tell me where to find a howto on this subject or tell me what to do?

Second, Do I have apply each patch, then run make after each patch, or can I apply all the patches and just run make once?

Any other advice or suggestions on updating a remote system would be appreciated.